The FBI is warning Eastern Washington agricultural companies to reevaluate their cybersecurity as soon as possible or risk ransomware attacks that could cripple their businesses and possibly disrupt the food supply chain.
Over the past year, the FBI has seen an increase in ransomware targeting farmers, growers and others in the agricultural industry during critical seasons, when even a slight schedule delay could have rippling consequences.
“They try and force the victim to pay the ransom because they can’t wait to either plant or harvest,” said Special Agent Kevin Brennan with the FBI Seattle field office. “If it’s pay these guys six figures or go out of business, you know, it’s going to be painful.”
Brennan said all it takes is one person within the company to open a bad email or click on an errant link, or for someone to find a vulnerability within your network for all of a company’s data to be stolen, encrypted and held ransom.
Ransomware attacks against fruit packing, grain companies
The FBI has received reports of more than a half-dozen such cyberattacks over the past year and a half, including several aimed grain or feed milling facilities. While some were able to continue operations, others had to limit or pause operations due to missing data.
“If you are impacted by ransomware and you don’t have a backup, you’re generally offline about three weeks, which is problematic if you’re in the height of picking season or the height of packaging season for some of these growers,” Brennan said.
Last summer, JBS Foods — the world’s largest meat supplier — had to close down its meat plants due to a ransomware attack that sparked debates about consolidation in the meatpacking industry and the vulnerability of the food supply chain.
“They weren’t able to actually slaughter animals and package meat products,” Brennan said. “It was publicly disclosed that they paid an $11 million ransom to try and restore their operations.”
Local governments, schools also facing increasing cyberattacks
Agricultural businesses may be the newest target, but cyberattacks are on the rise across the country and have impacted organizations close to home.
Brennan said hackers tend to leave larger businesses with robust cybersecurity along and target companies with between 50 and 500 employees.
“Small to medium sized enterprises, where they’re big enough that they probably can’t fall back to operating on paper, but they’re small enough, they don’t necessarily have a dedicated cybersecurity operations center,” Brennan said.
Half of the time, Brennan said the data breach happens when someone clicks on an email that connects them to the person issuing the cyberattack. The other half of the time, it’s through a remote connection to your company that’s been compromised.
According to the Washington Attorney General’s Office, the number of ransomware attacks has surged in recent years from just seven in 2020 to 150 in 2021.
Cyberattacks have hit businesses, schools, health care facilities, nonprofits and other organizations, resulting in numerous data breaches. That list including several incidents in Yakima, Kittitas, Benton, Franklin and Walla Walla counties:
- Benton County had a data breach involving email security issues from Nov. 11, 2019 to Dec. 9, 2019, which potentially affected the security of personal information for 820 residents.
- Walla Walla County had a data breach involving a cyberattack in September 2020, which potentially affected the security of personal information for 577 residents.
- The City of Ellensburg had a data breach due to a ransomware attack on Dec. 21, 2021, which impacted city operations for days and potentially affected the security of personal information for 8,523 residents.
- Tree Top in Selah had a data breach due to a ransomware attack in November 2020, which potentially affected the security of personal information for 5,000 residents.
Trios Health in Kennewick, Tri-Cities Chaplaincy, Cougar Den in White Swan, Keller Supply Company in Union Gap, People for People in Yakima and Pacific Northwest University of Health Sciences have also faced cyberattacks resulting in data breaches.
Limited options for businesses targeted by ransomware attacks
The FBI discourages businesses from paying up when someone is demanding money to return their data, saying it incentivizes other hackers to follow in their footsteps.
“The other cybercriminals see that in the news and say, hey, that’s an opportunity for them,” Brennan said. “This is a business for them, even though it’s illegal.”
Brennan said another reason it’s not advisable to pay the ransom is that there’s no guarantee the data will be returned and if it is, it might not all be there.
“They are they’re criminals, not enterprise software developers, so we have seen in almost every case, some subset of that data never gets returned even if the cybercriminal provides you that decryption program,” Brennan said.
However, Brennan said they do recognize that in many cases, people feel like they can’t afford to not comply with the hackers’ demands for payment.
“That’s tough to make that decision; if your business is on the line, we understand,” Brennan said. “We prefer if you pay the ransom to let us know … if we can track them down, we can try and hold them responsible.”
Brennan said investigations often take a long time, but every new piece of information helps them track suspects down and build the case against them. Tips can be made to the Internet Crime Complaint Center here.
“Every bit of information a victim can give us might be the one that cracks the case open,” Brennan said.
FBI agents say preparing for cyberattacks is the best option
Brennan said one fruit packing business in Eastern Washington was recently targeted in a ransomware attack, but was able to continue operations because they had offline backups of their data.
“Plan as if you’re going to have some sort of disaster, whether it be natural disaster or ransomware and have an offline backup that the bad guys can’t get to,” Brennan said. “Because then you can say, you know what, I’m not gonna pay because I have my data.”
Brennan said other ways to increase cybersecurity include enabling multifactor authentication and patching your computer, wireless router and server. He said people can learn more about preventative measures at stopransomware.gov.
The Cybersecurity and Infrastructure Security Agency provides several free resources to companies wanting to look for and fix vulnerabilities in their systems, including a ransomware readiness self-assessment.
The agency also provides a desktop app to evaluate cybersecurity and free “cyber hygiene” services to help reduce the risk of a successful cyber attack.
RECENT HEADLINES FROM THE KAPP-KVEW NEWS STAFF:
READ: Moses Lake drug trafficking suspect, wanted man arrested following community complaints
COPYRIGHT 2022 BY YAKTRINEWS. ALL RIGHTS RESERVED. THIS MATERIAL MAY NOT BE PUBLISHED, BROADCAST, REWRITTEN OR REDISTRIBUTED.